Security Basics mailing list archives
RE: spiceworks-opinions please?
From: "Ian Callard (IT)" <ian.callard () za suninternational com>
Date: Fri, 29 Jun 2007 19:48:25 +0200
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Murda Mcloud Sent: 25 June 2007 04:12 To: security-basics () securityfocus com Subject: spiceworks-opinions please? Hi all, I wanted to find out if anyone had used an app called spiceworks in an sme and what, if any security implications they had found from using it. It is not open source but is advertised as free(due to sponsorship) and this made a little worried as to what the EULA maye have included in it with regards to data privacy. Also, in terms of functionality what kind of client (if any) does it load on hosts in order to monitor and what type of connections does it need for monitoring. Thanks. Hi. I've only looked at this application since your mail and this is what I've found so far. This application uses various methods to log in to your hosts. * SSH for any Unix type OS * SNMP for any type of device * WMI and normal NTLM for Windows hosts The passwords to access the hosts are stored in a locally just like your login credentials. IT hosts its own web server named Mongrel according to ServerSpy The whole shebang is managed via a browser, so all those warnings apply. Plus, it it has a section on the right connecting to http://frontend.spiceworks.com/ for adverts Hope this little bit helps you get started. The information contained in this email is confidential and may be subject to legal privilege. The content of this email, which may include one or more attachments, is strictly confidential, and is intended solely for the use of the named recipient/s. If you are not the intended recipient, you cannot use, copy, distribute, disclose or retain the email or any part of its contents or take any action in reliance on it. If you have received this email in error, please email the sender by replying to this message and to permanently delete it and all attachments from your computer. All reasonable precautions have been taken to ensure that no viruses are present in this email and the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments.
Current thread:
- spiceworks-opinions please? Murda Mcloud (Jun 25)
- RE: spiceworks-opinions please? Ian Callard (IT) (Jun 30)